本說明書一個或多個實施例描述了藍牙設備連接方法和藍牙設備,能夠提高藍牙設備連接過程的安全性。根據第一態樣,提供了藍牙設備連接方法,包括:產生附加碼;當檢測到藍牙連接斷開後,對所述附加碼加密,產生第一密文;根據所述第一密文產生基於藍牙協定的廣播訊息,並發送所述廣播訊息;接收外部藍牙設備發來的掃描請求;根據所述掃描請求中攜帶的隨機私有位址,將基於藍牙協定的掃描回應發送給所述外部藍牙設備,其中,所述隨機私有位址為所述外部藍牙設備針對所述掃描請求產生的位址;當接收到所述外部藍牙設備發來的連接請求時,與所述外部藍牙設備建立藍牙連接。在一個實施例中,其中,所述產生附加碼,包括:產生亂數,以得到所述附加碼;所述根據所述第一密文產生基於藍牙協定的廣播訊息,進一步包括:在所述廣播訊息中攜帶明文形式的附加碼。在第二種可能實現的方式中,結合上述第一態樣,其中,所述產生附加碼,包括:利用預先設置的附加碼演算法週期性地產生附加碼,其中,所述附加碼演算法是與所述藍牙連接所連接的藍牙設備共同約定的演算法;所述對所述附加碼加密包括:對當前週期內產生的附加碼加密。在一個實施例中,所述對所述附加碼加密,產生第一密文,包括:利用第一加密演算法對所述附加碼和儲存的本地密鑰進行加密,得到第一密文,其中,所述第一加密演算法為單向函數,所述本地密鑰是與所述藍牙連接所連接的藍牙設備共同約定的密鑰,所述第一加密演算法與所述藍牙連接所連接的藍牙設備共同約定的演算法。在一個實施例中,其中,在所述接收外部藍牙設備發來的掃描請求之後,在所述將基於藍牙協定的掃描回應發送給所述外部藍牙設備之前,進一步包括:利用第二解密演算法,根據所述附加碼和儲存的本地密鑰對所述掃描請求中攜帶的隨機私有位址進行解密,得到固定位址;確定儲存的固定位址與解密得到的所述固定位址是否相同,其中,所述儲存的固定位址是與所述藍牙連接所連接的藍牙設備共同約定儲存的位址,所述本地密鑰是與所述藍牙連接所連接的藍牙設備共同約定的密鑰,所述第二解密演算法是與所述藍牙連接所連接的藍牙設備共同約定的演算法;如果相同,則執行所述將基於藍牙協定的掃描回應發送給所述外部藍牙設備。在一個實施例中,其中,所述根據所述掃描請求中攜帶的隨機私有位址,將基於藍牙協定的掃描回應發送給所述外部藍牙設備,包括:利用第三加密演算法對所述掃描請求中攜帶的隨機私有位址和儲存的本地密鑰進行加密,得到第二密文,其中,所述第二加密演算法為單向函數,所述本地密鑰是與所述藍牙連接所連接的藍牙設備共同約定的密鑰;利用所述第二密文產生基於藍牙協定的掃描回應;將所述掃描回應透過所述隨機私有位址發送給所述外部藍牙設備。根據第二態樣,提供了藍牙設備連接方法,包括:檢測到藍牙連接斷開;當監聽到廣播訊息時,獲取附加碼;利用獲取的所述附加碼驗證所述廣播訊息的有效性;當確定所述廣播訊息有效時,對所述附加碼進行加密,產生隨機私有位址;將所述隨機私有位址攜帶在基於藍牙協定的掃描請求中,發送給發來所述廣播訊息的外部藍牙設備;當接收到所述外部藍牙設備根據所述隨機私有位址發來的掃描回應時,根據所述隨機私有位址向所述外部藍牙設備發送連接請求,以透過所述連接請求與所述外部藍牙設備建立連接。在一個實施例中,其中,所述廣播訊息中攜帶有明文形式的附加碼;則所述獲取附加碼,包括:從所述廣播訊息中獲取附加碼。針對第二種可能實現的方式中,結合上述第二態樣,利用預先設置的附加碼演算法週期性地產生附加碼,其中,所述附加碼演算法是與所述藍牙連接所連接的藍牙設備共同約定的演算法;獲取在當前週期內產生的附加碼。在一個實施例中,其中,所述利用獲取的所述附加碼驗證所述廣播訊息的有效性,包括:利用第一加密演算法對獲取的所述附加碼和儲存的本地密鑰進行加密,得到第三密文,其中,所述第一加密演算法為單向函數,所述本地密鑰是與所述藍牙連接所連接的藍牙設備共同約定的密鑰;確定所述第三密文是否與所述廣播訊息中的第一密文相同;若相同,則確定所述廣播訊息有效。在一個實施例中,其中,所述對所述附加碼進行加密,產生隨機私有位址,包括:利用第二加密演算法對所述附加碼、儲存的固定位址和儲存的本地密鑰進行加密,得到隨機私有位址,其中,所述固定位址是與所述藍牙連接所連接的藍牙設備共同約定儲存的位址,所述本地密鑰是與所述藍牙連接所連接的藍牙設備共同約定的密鑰,所述第二加密演算法是與所述藍牙連接所連接的藍牙設備共同約定的演算法。在一個實施例中,其中,當接收到所述外部藍牙設備根據所述隨機私有位址發來的掃描回應時,在所述根據所述隨機私有位址向所述外部藍牙設備發送連接請求之前,進一步包括:利用第三加密演算法對所述隨機私有位址和本地密鑰進行加密,得到第四密文;確定所述第四密文是否與所述掃描回應中的第二密文相同;若相同,則執行所述根據所述隨機私有位址向所述外部藍牙設備發送連接請求,其中,所述本地密鑰是與所述藍牙連接所連接的藍牙設備共同約定的密鑰,所述第三加密演算法與所述藍牙連接所連接的藍牙設備共同約定的演算法。根據第三態樣,提供了藍牙設備,包括:附加碼產生模組,配置為產生附加碼;訊息產生模組,配置為當檢測到藍牙連接斷開後,對所述附加碼產生模組產生的所述附加碼加密,產生第一密文;根據所述第一密文產生基於藍牙協定的廣播訊息,並發送所述廣播訊息;請求處理模組,配置為接收外部藍牙設備發來的掃描請求;根據所述掃描請求中攜帶的隨機私有位址,將基於藍牙協定的掃描回應發送給所述外部藍牙設備,其中,所述隨機私有位址為所述外部藍牙設備針對所述掃描請求產生的位址;當接收到所述外部藍牙設備發來的連接請求時,與所述外部藍牙設備建立藍牙連接。在一個實施例中,其中,所述附加碼產生模組,配置為產生亂數,以得到所述附加碼;所述訊息產生模組,進一步配置為在所述廣播訊息中攜帶明文形式的附加碼。在一個實施例中,其中,所述附加碼產生模組,配置為利用預先設置的附加碼演算法週期性地產生附加碼,其中,所述附加碼演算法是與所述藍牙連接所連接的藍牙設備共同約定的演算法;所述訊息產生模組,配置為對當前週期內產生的附加碼加密。在一個實施例中,其中,所述訊息產生模組,配置為利用第一加密演算法對所述附加碼和儲存的本地密鑰進行加密,得到第一密文,其中,所述第一加密演算法為單向函數,所述本地密鑰是與所述藍牙連接所連接的藍牙設備共同約定的密鑰,所述第一加密演算法與所述藍牙連接所連接的藍牙設備共同約定的演算法。在一個實施例中,其中,所述請求處理模組,配置為利用第二解密演算法,根據所述附加碼和儲存的本地密鑰對所述掃描請求中攜帶的隨機私有位址進行解密,得到固定位址;確定儲存的固定位址與解密得到的所述固定位址是否相同,其中,所述儲存的固定位址是與所述藍牙連接所連接的藍牙設備共同約定儲存的位址,所述本地密鑰是與所述藍牙連接所連接的藍牙設備共同約定的密鑰,所述第二解密演算法是與所述藍牙連接所連接的藍牙設備共同約定的演算法;如果相同,則執行所述將基於藍牙協定的掃描回應發送給所述外部藍牙設備。在一個實施例中,其中,所述請求處理模組,配置為利用第三加密演算法對所述掃描請求中攜帶的隨機私有位址和儲存的本地密鑰進行加密,得到第二密文,其中,所述第二加密演算法為單向函數,所述本地密鑰是與所述藍牙連接所連接的藍牙設備共同約定的密鑰;利用所述第二密文產生基於藍牙協定的掃描回應;將所述掃描回應透過所述隨機私有位址發送給所述外部藍牙設備。根據第四態樣,提供了藍牙設備,包括:連接檢測模組,配置為檢測到藍牙連接斷開;附加碼獲取模組,配置為當監聽到廣播訊息時,獲取附加碼;訊息驗證模組,配置為利用獲取的所述附加碼驗證所述廣播訊息的有效性;連接處理模組,配置為當確定所述廣播訊息有效時,對所述附加碼進行加密,產生隨機私有位址;將所述隨機私有位址攜帶在基於藍牙協定的掃描請求中,發送給發來所述廣播訊息的外部藍牙設備;當接收到所述外部藍牙設備根據所述隨機私有位址發來的掃描回應時,根據所述隨機私有位址向所述外部藍牙設備發送連接請求,以透過所述連接請求與所述外部藍牙設備建立連接。在一個實施例中,其中,所述廣播訊息中攜帶有明文形式的附加碼;所述附加碼獲取模組,配置為從所述廣播訊息中獲取附加碼。在一個實施例中,其中,所述附加碼獲取模組,配置為利用預先設置的附加碼演算法週期性地產生附加碼,其中,所述附加碼演算法是與所述藍牙連接所連接的藍牙設備共同約定的演算法;獲取在當前週期內產生的附加碼。在一個實施例中,其中,所述訊息驗證模組,配置為利用第一加密演算法對獲取的所述附加碼和儲存的本地密鑰進行加密,得到第三密文,其中,所述第一加密演算法為單向函數,所述本地密鑰是與所述藍牙連接所連接的藍牙設備共同約定的密鑰;確定所述第三密文是否與所述廣播訊息中的第一密文相同;若相同,則確定所述廣播訊息有效。在一個實施例中,其中,所述連接處理模組,配置為利用第二加密演算法對所述附加碼、儲存的固定位址和儲存的本地密鑰進行加密,得到隨機私有位址,其中,所述固定位址是與所述藍牙連接所連接的藍牙設備共同約定儲存的位址,所述本地密鑰是與所述藍牙連接所連接的藍牙設備共同約定的密鑰,所述第二加密演算法是與所述藍牙連接所連接的藍牙設備共同約定的演算法。在一個實施例中,其中,所述連接處理模組,配置為利用第三加密演算法對所述隨機私有位址和本地密鑰進行加密,得到第四密文;確定所述第四密文是否與所述掃描回應中的第二密文相同;若相同,則執行所述根據所述隨機私有位址向所述外部藍牙設備發送連接請求,其中,所述本地密鑰是與所述藍牙連接所連接的藍牙設備共同約定的密鑰,所述第三加密演算法與所述藍牙連接所連接的藍牙設備共同約定的演算法。根據第五態樣,提供了一種電腦可讀取儲存媒體,其上儲存有電腦程式,當所述電腦程式在電腦中執行時,令電腦執行上述任一實施例所述的方法。根據第六態樣,提供了一種計算設備,包括儲存器和處理器,所述儲存器中儲存有可執行碼,所述處理器執行所述可執行碼時,實現上述任一實施例所述的方法。根據說明書實施例提供的方法和設備,若檢測到藍牙連接斷開後,可先基於現場產生的附加碼產生基於藍牙協定的廣播訊息,並對廣播訊息進行廣播。以便監聽到該廣播訊息的外部藍牙設備可以返回攜帶針對此次掃描請求的隨機私有位址,利用該私有位址即可與發來掃描請求的外部藍牙設備建立藍牙連接。由於附加碼不是一個固定不變的值,而是現場產生的,所以使得廣播訊息也不是固定不變的訊息。並且外部藍牙設備發來的隨機私有位址也是針對該掃描請求的位址,因此,與發來掃描請求的外部藍牙設備通訊的隨機私有位址也不是固定不變的,因此,可以有效地防止藍牙設備資訊被竊取後與其他的藍牙設備建立連接導致藍牙設備之間傳輸的資訊洩露,從而實現提高藍牙設備連接過程的安全性。One or more embodiments of this specification describe a Bluetooth device connection method and a Bluetooth device, which can improve the security of the Bluetooth device connection process.According to the first aspect, a Bluetooth device connection method is provided, including:generate additional code;After detecting that the Bluetooth connection is disconnected, encrypt the additional code to generate a first ciphertext;Generate a broadcast message based on the Bluetooth protocol according to the first ciphertext, and send the broadcast message;Receive scan requests from external Bluetooth devices;Send a scan response based on the Bluetooth protocol to the external Bluetooth device according to the random private address carried in the scan request, where the random private address is a bit generated by the external Bluetooth device for the scan request site;When receiving the connection request sent by the external Bluetooth device, establish a Bluetooth connection with the external Bluetooth device.In one embodiment, wherein said generating additional code, comprises:generating random numbers to obtain the additional code;The generating a broadcast message based on the Bluetooth protocol according to the first ciphertext, further comprising:The additional code in plaintext is carried in the broadcast message.In a second possible implementation manner, in combination with the above-mentioned first aspect, the generating an additional code includes:The additional code is periodically generated by using a preset additional code algorithm, wherein the additional code algorithm is an algorithm jointly agreed with the Bluetooth device connected to the Bluetooth connection;The encrypting the additional code includes: encrypting the additional code generated in the current cycle.In one embodiment, generating the first ciphertext by encrypting the additional code includes:The additional code and the stored local key are encrypted by using a first encryption algorithm to obtain a first ciphertext, wherein the first encryption algorithm is a one-way function, and the local key is the same as the Bluetooth A key agreed upon by the connected Bluetooth devices, the first encryption algorithm and an algorithm commonly agreed upon by the Bluetooth devices connected by the Bluetooth connection.In one embodiment, after the receiving the scan request sent by the external Bluetooth device, before the sending the scan response based on the Bluetooth protocol to the external Bluetooth device, the method further includes:Utilize the second decryption algorithm to decrypt the random private address carried in the scan request according to the additional code and the stored local key to obtain a fixed address;Determine whether the stored fixed address is the same as the fixed address obtained by decryption, wherein the stored fixed address is an address jointly agreed to store with the Bluetooth device connected to the Bluetooth connection, and the local key is a key jointly agreed with the Bluetooth device connected to the Bluetooth connection, and the second decryption algorithm is an algorithm commonly agreed upon with the Bluetooth device connected to the Bluetooth connection;If they are the same, then performing the sending of the scan response based on the Bluetooth protocol to the external Bluetooth device.In one embodiment, the sending a scan response based on the Bluetooth protocol to the external Bluetooth device according to the random private address carried in the scan request includes:A third encryption algorithm is used to encrypt the random private address and the stored local key carried in the scan request to obtain a second ciphertext, wherein the second encryption algorithm is a one-way function, and the local The key is a key agreed upon with the Bluetooth device connected to the Bluetooth connection;Using the second ciphertext to generate a scan response based on the Bluetooth protocol;Sending the scan response to the external Bluetooth device through the random private address.According to the second aspect, a Bluetooth device connection method is provided, including:Detected that the bluetooth connection is disconnected;When listening to the broadcast message, get the additional code;Use the acquired additional code to verify the validity of the broadcast message;When it is determined that the broadcast message is valid, the additional code is encrypted to generate a random private address;Carrying the random private address in the scan request based on the Bluetooth protocol, and sending it to the external Bluetooth device that sent the broadcast message;When receiving a scan response from the external Bluetooth device according to the random private address, send a connection request to the external Bluetooth device according to the random private address, so as to communicate with the external Bluetooth device through the connection request The device establishes a connection.In an embodiment, wherein the broadcast message carries an additional code in plain text; the obtaining the additional code includes: obtaining the additional code from the broadcast message.For the second possible implementation manner, combined with the above-mentioned second aspect, an additional code is periodically generated by using a preset additional code algorithm, wherein the additional code algorithm is a Bluetooth connected to the Bluetooth connection. The algorithm agreed by the equipment;Get the additional code generated in the current cycle.In one embodiment, wherein the verifying the validity of the broadcast message by using the acquired additional code includes:The acquired additional code and the stored local key are encrypted by using a first encryption algorithm to obtain a third ciphertext, wherein the first encryption algorithm is a one-way function, and the local key is the same as the stored local key. the key agreed upon by the Bluetooth devices connected to the Bluetooth connection;determining whether the third ciphertext is the same as the first ciphertext in the broadcast message;If the same, it is determined that the broadcast message is valid.In one embodiment, wherein the encrypting the additional code to generate a random private address includes:The additional code, the stored fixed address and the stored local key are encrypted using a second encryption algorithm to obtain a random private address, wherein the fixed address is a Bluetooth device connected to the Bluetooth connection The address of storage is jointly agreed upon, the local key is a key agreed upon with the Bluetooth device connected to the Bluetooth connection, and the second encryption algorithm is agreed upon with the Bluetooth device connected with the Bluetooth connection algorithm.In one embodiment, when a scan response sent by the external Bluetooth device according to the random private address is received, before the connection request is sent to the external Bluetooth device according to the random private address , which further includes:Utilize the third encryption algorithm to encrypt the random private address and the local key to obtain the fourth ciphertext;determining whether the fourth ciphertext is the same as the second ciphertext in the scan response;If they are the same, the sending a connection request to the external Bluetooth device according to the random private address is performed, wherein the local key is a key agreed with the Bluetooth device connected to the Bluetooth connection, and the The third encryption algorithm is an algorithm jointly agreed upon with the Bluetooth device connected to the Bluetooth connection.According to a third aspect, a Bluetooth device is provided, including:The additional code generation module is configured to generate the additional code;The message generation module is configured to encrypt the additional code generated by the additional code generation module after detecting that the Bluetooth connection is disconnected to generate a first ciphertext; generate a Bluetooth protocol-based message according to the first ciphertext broadcast messages, and send said broadcast messages;The request processing module is configured to receive a scan request sent by an external Bluetooth device; according to the random private address carried in the scan request, send a scan response based on the Bluetooth protocol to the external Bluetooth device, wherein the random private address is sent to the external Bluetooth device. The private address is an address generated by the external bluetooth device for the scan request; when a connection request sent by the external bluetooth device is received, a bluetooth connection is established with the external bluetooth device.In one embodiment, wherein, the additional code generation module is configured to generate random numbers to obtain the additional code;The message generating module is further configured to carry an additional code in plain text in the broadcast message.In one embodiment, the additional code generation module is configured to periodically generate additional codes by using a preset additional code algorithm, wherein the additional code algorithm is connected to the Bluetooth connection Algorithms commonly agreed upon by Bluetooth devices;The message generating module is configured to encrypt the additional code generated in the current cycle.In one embodiment, the message generating module is configured to encrypt the additional code and the stored local key by using a first encryption algorithm to obtain a first ciphertext, wherein the first encryption The algorithm is a one-way function, the local key is a key jointly agreed upon with the Bluetooth device connected to the Bluetooth connection, and the first encryption algorithm is a calculation jointly agreed upon with the Bluetooth device connected to the Bluetooth connection Law.In one embodiment, the request processing module is configured to use a second decryption algorithm to decrypt the random private address carried in the scan request according to the additional code and the stored local key, Obtain a fixed address; determine whether the stored fixed address is the same as the decrypted fixed address, wherein the stored fixed address is an address jointly agreed to store with the bluetooth device connected to the bluetooth connection, The local key is a key jointly agreed with the Bluetooth device connected to the Bluetooth connection, and the second decryption algorithm is an algorithm commonly agreed upon with the Bluetooth device connected to the Bluetooth connection; if the same, then The sending of the scan response based on the Bluetooth protocol to the external Bluetooth device is performed.In one embodiment, the request processing module is configured to use a third encryption algorithm to encrypt the random private address and the stored local key carried in the scan request to obtain the second ciphertext, The second encryption algorithm is a one-way function, and the local key is a key agreed upon with the Bluetooth device connected to the Bluetooth connection; the second ciphertext is used to generate a scan response based on the Bluetooth protocol ; Send the scan response to the external Bluetooth device through the random private address.According to a fourth aspect, a Bluetooth device is provided, comprising:The connection detection module is configured to detect that the Bluetooth connection is disconnected;The additional code obtaining module is configured to obtain the additional code when the broadcast message is monitored;a message verification module, configured to verify the validity of the broadcast message by using the acquired additional code;The connection processing module is configured to encrypt the additional code when it is determined that the broadcast message is valid to generate a random private address; carry the random private address in the scan request based on the Bluetooth protocol, and send it to the sender The external bluetooth device that received the broadcast message; when receiving the scan response sent by the external bluetooth device according to the random private address, send a connection request to the external bluetooth device according to the random private address, to Establish a connection with the external Bluetooth device through the connection request.In one embodiment, wherein, the broadcast message carries an additional code in plaintext;The additional code obtaining module is configured to obtain the additional code from the broadcast message.In one embodiment, the additional code acquisition module is configured to periodically generate additional codes by using a preset additional code algorithm, wherein the additional code algorithm is connected to the Bluetooth connection Algorithm commonly agreed upon by Bluetooth devices; obtains the additional code generated in the current cycle.In one embodiment, the message verification module is configured to use a first encryption algorithm to encrypt the acquired additional code and the stored local key to obtain a third ciphertext, wherein the first encryption algorithm An encryption algorithm is a one-way function, the local key is a key agreed with the Bluetooth device connected to the Bluetooth connection; determine whether the third ciphertext is the same as the first ciphertext in the broadcast message are the same; if they are the same, it is determined that the broadcast message is valid.In one embodiment, the connection processing module is configured to encrypt the additional code, the stored fixed address and the stored local key using a second encryption algorithm to obtain a random private address, wherein , the fixed address is an address jointly agreed to store with the Bluetooth device connected to the Bluetooth connection, the local key is a key agreed to with the Bluetooth device connected to the Bluetooth connection, the second The encryption algorithm is an algorithm commonly agreed upon with the Bluetooth devices connected to the Bluetooth connection.In one embodiment, the connection processing module is configured to encrypt the random private address and the local key by using a third encryption algorithm to obtain a fourth ciphertext; determine the fourth ciphertext Whether it is the same as the second ciphertext in the scan response; if the same, execute the sending a connection request to the external Bluetooth device according to the random private address, wherein the local key is the same as the Bluetooth A key agreed upon by the connected Bluetooth devices, and the third encryption algorithm is a commonly agreed upon algorithm with the Bluetooth devices connected by the Bluetooth connection.According to a fifth aspect, a computer-readable storage medium is provided, on which a computer program is stored, and when the computer program is executed in the computer, the computer is made to execute the method described in any one of the above embodiments.According to a sixth aspect, a computing device is provided, including a storage and a processor, wherein executable codes are stored in the storage, and when the processor executes the executable codes, any one of the foregoing embodiments is implemented. Methods.According to the method and device provided by the embodiments of the specification, if it is detected that the Bluetooth connection is disconnected, a broadcast message based on the Bluetooth protocol can be generated based on the additional code generated on site, and the broadcast message can be broadcast. In order to monitor the broadcast message, the external bluetooth device can return a random private address carrying the scan request, and use the private address to establish a bluetooth connection with the external bluetooth device that sent the scan request. Since the additional code is not a fixed value, but is generated on the spot, the broadcast message is also not a fixed message. And the random private address sent by the external bluetooth device is also the address for the scan request. Therefore, the random private address communicated with the external bluetooth device that sends the scan request is not fixed. Therefore, it can effectively prevent After the Bluetooth device information is stolen, establishing a connection with other Bluetooth devices results in leakage of information transmitted between the Bluetooth devices, thereby improving the security of the Bluetooth device connection process.
如前所述,藍牙設備是基於藍牙技術通訊的設備。目前各種藍牙設備在進行資料交互時,通常會發送出自身固定的藍牙位址,或者在掃描時返回用於表徵自身屬性的固定的屬性資訊。當該藍牙設備發送出的資訊被攻擊者攔截獲取到後,攻擊者可能基於攔截到的資訊與該藍牙設備所要連接的設備建立連接,以冒充該藍牙設備獲取兩個設備之間的通訊資料。或者攻擊者將攔截到的資訊用作他處,導致藍牙設備資訊的洩露,降低藍牙設備連接過程的安全性。另外,攻擊者長時間佔用該藍牙設備與所要連接的設備之間的連接,還會導致該藍牙設備無法與所要連接的設備建立連接,從而影響藍牙設備的通訊。為此,根據本說明書的實施例,總體上採用動態的附加碼使得基於藍牙技術通訊的藍牙設備之間進行驗證。由於附加碼不是固定不變的,因此,當藍牙設備斷開藍牙連接後,透過動態的附加碼與所要連接的設備進行連接,可以防止攻擊者利用固定不變的驗證資訊冒充藍牙設備與其他的藍牙設備建立連接,因此,可以提高藍牙設備連接過程的安全性,使得藍牙設備之間的連接更可靠。透過上述描述,現有的藍牙設備之間的連接方式,安全性較低。針對於此,本說明書一個實施例提供了藍牙設備連接方法,應用於發起方藍牙設備,該發起方藍牙設備是這樣一種設備,在斷開藍牙連接後,透過主動發送廣播訊息來主動發起重建藍牙連接的藍牙設備,如圖1所示,具體可以包括以下步驟:步驟101:產生附加碼;步驟102:當檢測到藍牙連接斷開後,對該附加碼進行加密產生第一密文;步驟103:根據該第一密文產生基於藍牙協定的廣播訊息,並發送廣播訊息;步驟104:接收外部藍牙設備發來的掃描請求;步驟105:根據該掃描請求中攜帶的隨機私有位址,將基於藍牙協定的掃描回應發送給該外部藍牙設備,其中,隨機私有位址為外部藍牙設備針對掃描請求產生的位址;步驟106:當接收到該外部藍牙設備發來的連接請求時,與該外部藍牙設備建立藍牙連接。在該實施例中,若檢測到藍牙連接斷開後,可先基於現場產生的附加碼產生基於藍牙協定的廣播訊息,並對廣播訊息進行廣播。以便監聽到該廣播訊息的外部藍牙設備可以返回攜帶針對此次掃描請求的隨機私有位址,利用該私有位址即可與發來掃描請求的外部藍牙設備建立藍牙連接。由於附加碼不是一個固定不變的值,而是現場產生的,所以使得廣播訊息也不是固定不變的訊息。並且外部藍牙設備發來的隨機私有位址也是針對該掃描請求的位址,因此,與發來掃描請求的外部藍牙設備通訊的隨機私有位址也不是固定不變的,因此,可以有效地防止藍牙設備資訊被竊取後與其他的藍牙設備建立連接導致藍牙設備之間傳輸的資訊洩露,從而實現提高藍牙設備連接過程的安全性。可以理解的是,在未斷開藍牙連接之前,透過藍牙連接所連接的藍牙設備之間可以預先約定在藍牙連接斷開後由哪一方主動發送廣播訊息。為了提高藍牙設備連接的安全性,針對發送廣播訊息的藍牙設備,本說明書實施例提供了兩種獲取附加碼方式,方式一為主動發送廣播訊息的藍牙設備產生附加碼,方式二為廣播訊息的發送方和接收方均按照約定的方式同時產生附加碼;針對方式一:將隨機產生的亂數作為附加碼,並將明文形式的附加碼攜帶在廣播訊息中。由於附加碼是隨機產生的,無法提前預測,可以增加廣播訊息偽造的難度。再將明文形式的附加碼攜帶在廣播訊息中,可以使得監聽到該廣播訊息的外部藍牙設備可基於明文形式的附加碼對廣播訊息中的第一密文進行驗證,確定該第一密文是否為被偽造的密文,從而判斷監聽到的廣播訊息的有效性,以提高藍牙設備之間連接過程的安全性。針對方式二:在藍牙連接斷開之前,與藍牙連接所連接的藍牙設備之間預先共同約定附加碼演算法,利用該附加碼演算法按照指定週期產生附加碼,比如,按照週期30分(min)、120min或者500min。由於附加碼演算法是與所連接的藍牙設備約定好的,因此,兩個設備之間可以在同樣的時間點產生同樣的附加碼,這樣,當該藍牙設備監聽到廣播訊息後,可利用自身產生的附加碼對廣播訊息進行驗證,確定廣播訊息中的第一密文是否與利用自身產生的附加碼得到的密文相同,從而判斷廣播訊息是否為攻擊者發來的訊息,以提高藍牙設備之間連接過程的安全性。為了進一步增加攻擊者偽造廣播訊息的難度,在另一個實施例中,在藍牙連接未斷開之前,可先與藍牙連接所連接的藍牙設備之間約定共同的本地密鑰以及用於產生第一密文的第一加密演算法F1(x1,y1),並分別進行儲存,其中,x1表徵第一加密演算法的第一變數,y1表徵第一加密演算法的第二變數。為了進一步提高廣播訊息的偽造難度,透過驗證廣播訊息而過濾掉攻擊者,第一加密演算法可以是單向函數。基於此,第一密文可以基於附加碼和本地密鑰利用第一加密演算法進行加密,得到第一密文。但是,基於第一密文和附加碼,無法利用第一加密演算法反推得到本地密鑰;同樣地,基於第一密文和本地密鑰,仍無法利用第一加密演算法反推得到附加碼。這樣可以保證需要同時獲取到附加碼、第一加密演算法以及本地密鑰後,才能得到第一密文進而產生廣播訊息。並且由於附加碼是動態的碼,因此,可以避免攻擊者長期與藍牙設備建立連接。具體地,第一密文可以透過下述方式得到:若將附加碼的值賦值給第一加密演算法F1(x1,y1)的第一變數x1,則本地密鑰的值賦值給第一加密演算法F1(x1,y1)的第二變數y1;若附加碼的值賦值給第二變數y1,則本地密鑰的值賦值給第一變數x1。然後利用賦值後的第一加密演算法產生第一密文。為了防止攻擊者仿冒藍牙連接斷開之前所連接的藍牙設備,在另一個實施例中,在藍牙連接未斷開之前,先與藍牙連接所連接的藍牙設備共同約定用於產生隨機私有位址的第二加密演算法F2e(x2e,y2e,z2e)、用於驗證隨機私有位址的第二解密演算法F2d(x2d,y2d,z2d)、本地密鑰以及該藍牙設備的固定位址,其中,x2d表徵第二解密演算法的第一變數,y2d表徵第二解密演算法的第二變數,z2d表徵第二解密演算法的第三變數,x2e表徵第二加密演算法的第一變數,y2e表徵第二加密演算法的第二變數,z2e表徵第二加密演算法的第三變數。這樣,在接收到外部藍牙設備發來的掃描請求之後,利用儲存的第二解密演算法根據附加碼和本地密鑰對掃描請求中攜帶的隨機私有位址進行解密,得到解密後的固定位址。透過將儲存的固定位址與解密得到的固定位址進行比對,確定兩者是否相同,若相同,可以確定掃描請求中攜帶的隨機私有位址未被偽造,即,該隨機私有位址是可信的,因此,可以利用該隨機私有位址與發來隨機私有位址的藍牙設備通訊。由於攻擊者在未獲取到本地密鑰、固定位址、附加碼以及用於產生私有隨機位址的第二加密演算法時,無法產生正確的隨機私有位址。這樣,當對攻擊者發送的掃描請求中攜帶的錯誤的隨機私有位址進行解密後會得到錯誤的位址,透過與儲存的固定位址進行比對,即可過濾掉仿冒該藍牙設備的攻擊者,使得攻擊者攻擊失敗。為了進一步增加攻擊者獲取藍牙設備資訊的難度,在另一個實施例中,在藍牙連接斷開之前,可先與藍牙連接所連接的藍牙設備之間共同約定用於對隨機私有位址進行加密的第三加密演算法F3(x3,y3)和本地密鑰。這樣在接收到掃描請求後,若將隨機私有位址的值賦值給第三加密演算法F3(x3,y3)的第一變數,則將本地密碼則賦值給第三加密演算法F3(x3,y3)的第二變數,反之,將本地密碼賦值給F3(x3,y3)的第一變數。然後利用賦值後的第三加密演算法產生第二密文。為了保證第二密文的安全性,第三加密演算法為單向函數。基於此,攻擊者需要獲取到第三加密演算法和本地密鑰才可以計算出真正的第二密文,透過此種方式,可以過濾掉仿冒藍牙設備的攻擊者,使得攻擊者攻擊失敗,從而提高藍牙設備連接過程的安全性。本說明書一個實施例提供了藍牙設備連接方法,應用於接收方藍牙設備,該接收方藍牙設備是這樣一種設備,在斷開藍牙連接後,未主動發起重建藍牙連接,並透過監聽廣播訊息來重建藍牙連接的藍牙設備,如圖2所示,具體可以包括以下步驟:步驟201:檢測到藍牙連接斷開;步驟202:當監聽到廣播訊息時,獲取附加碼;步驟203:利用獲取的附加碼驗證廣播訊息的有效性;步驟204:當確定廣播訊息有效時,對附加碼進行加密,產生隨機私有位址;步驟205:將隨機私有位址攜帶在基於藍牙協定的掃描請求中,發送給發來廣播訊息的外部藍牙設備;步驟206:當接收到外部藍牙設備根據隨機私有位址發來的掃描回應時,根據隨機私有位址向外部藍牙設備發送連接請求,以透過連接請求與外部藍牙設備建立連接。在該實施例中,若檢測到藍牙連接斷開後,可先基於監聽到的廣播訊息獲取附加碼,然後對監聽到的廣播訊息進行驗證,以確定廣播訊息是否為攻擊者偽造的訊息;當確定廣播訊息非攻擊者偽造的訊息後,可以利用附加碼進行加密,然後將產生的隨機私有位址攜帶在掃描請求中,並發送給發來廣播訊息的外部藍牙設備。由於該隨機私有位址是基於動態的附加碼產生的位址,所以基於附加碼產生的隨機私有位址也不是固定不變的位址。這樣發來廣播訊息的外部藍牙設備利用隨機私有位址進行建立連接,可以有效地防止藍牙設備資訊被竊取後與其他的藍牙設備建立連接導致藍牙設備之間傳輸的資訊洩露,從而實現提高藍牙設備連接過程的安全性。可以理解的是,在未斷開藍牙連接之前,透過藍牙連接所連接的藍牙設備之間可以預先約定在藍牙連接斷開後由哪一方主動發送廣播訊息。為了提高藍牙設備連接過程的安全性,針對監聽到廣播訊息的藍牙設備,本說明書實施例提供了兩種獲取附加碼方式;方式一:監聽到的廣播訊息中攜帶有明文形式的附加碼,這樣可以從廣播訊息中獲取該附加碼,利用該附加碼對廣播訊息的有效性進行驗證,而無需自己產生附加碼,從而可以減少接收廣播訊息的藍牙設備的處理操作。方式二:在藍牙連接斷開之前,與藍牙連接所連接的藍牙設備之間共同約定用於產生附加碼的附加碼演算法以及產生附加碼的週期。這樣,共同約定的藍牙設備之間按照約定的週期,利用附加碼演算法可以產生相同的附加碼。比如,每180min產生一個附加碼。這樣,共同約定的主動發送廣播訊息的藍牙設備在利用附加碼產生廣播訊息並進行廣播。共同約定的接收方藍牙設備可利用自身在監聽到廣播訊息所在的週期產生的附加碼,對監聽到的廣播訊息進行驗證。若該廣播訊息是利用共同約定的演算法得到的附加碼所產生的訊息,那麼可以驗證得到該廣播訊息是有效地,反之,可以確定該廣播訊息為攻擊者偽造的訊息。為了進一步增加攻擊者偽造廣播訊息的難度,在本說明書的另一個實施例中,在藍牙連接未斷開之前,可先與藍牙連接所連接的藍牙設備之間共同約定本地密鑰、用於產生第一密文的第一加密演算法F1(x1,y1),並分別進行儲存,其中,x1表徵第一加密演算法的第一變數,y1表徵第一加密演算法的第二變數。為了進一步提高廣播訊息的偽造難度,透過驗證廣播訊息而過濾掉攻擊者,第一加密演算法可以是單向函數。基於此,攻擊者需要在獲取到本地密鑰和第一加密演算法後計算出正確的第一密文,進而產生廣播訊息,否則,攻擊者無法產生正確的廣播訊息。另外,由於附加碼是動態的碼,是現場產生的碼,攻擊者在獲取到一次附加碼後不會長時間與藍牙連接所連接的藍牙設備建立長時間的連接,因此,可以進一步增加攻擊者仿冒設備的難度,實現提高藍牙設備的安全性的目的。由此,在監聽到廣播訊息後,若獲取到的附加碼的值賦值給第一加密演算法的第一變數x1,則儲存的本地密鑰的值賦值給第一加密演算法F1(x1,y1)的第二變數y1;若獲取到的附加碼的值賦值給第二變數y1,則本地密鑰賦值給第一變數x1。然後利用賦值後的第一加密演算法可以產生第三密文,透過將第三密文和廣播訊息中的第一密文進行比較,若兩者相同,則可以確定廣播訊息未被偽造,廣播訊息是有效地,因此,可以與發來廣播訊息的藍牙設備進一步交互。若兩者不同,則可以確定廣播訊息是偽造的,因此無需在與發來廣播訊息的藍牙設備進一步交互。具體地,儲存的本地密鑰可以是藍牙設備之間在第一次建立藍牙連接時約定的密鑰,也可以是藍牙設備之間在第n次建立藍牙連接後再次約定的密鑰,其中n大於1。為了防止攻擊者偽造隨機私有位址,在本說明書的另一個實施例中,在藍牙連接未斷開之前,可先與藍牙連接所連接的藍牙設備之前約定共同的本地密鑰、固定位址、用於產生隨機私有位址的第二加密演算法F2e(x2e,y2e)以及用於驗證隨機私有位址的第二解密演算法F2d(x2d,y2d,z2d),其中,x2d表徵第二解密演算法的第一變數,y2d表徵第二解密演算法的第二變數,z2d表徵第二解密演算法的第三變數,x2e表徵第二加密演算法的第一變數,y2e表徵第二加密演算法的第二變數,z2e表徵第二加密演算法的第三變數。當確定監聽到的廣播訊息有效時,可以先產生隨機私有位址。產生隨機私有位址的方式包括:將附加碼的值、本地密鑰的值以及固定位址的值賦值給第二加密演算法的變數,然後利用賦值後的第二加密演算法產生隨機私有位址。若攻擊者冒充監聽廣播訊息的藍牙設備,攻擊者在未獲取到本地密鑰、固定位址以及第二加密演算法時,攻擊者無法產生正確的隨機私有位址,因此,當外部藍牙設備接收到掃描請求對隨機私有位址驗證後,可以發現掃描請求是否為攻擊者發送的請求。為了防止攻擊者偽造掃描回應,在本說明書的另一個實施例中,在藍牙連接未斷開之前,可先與藍牙連接所連接的藍牙設備之間約定共同的本地密鑰以及用於驗證掃描回應的第三加密演算法F3(x3,y3),其中,x3表徵第三加密演算法的第一變數,y3表徵第三加密演算法的第二變數。在接收到掃描回應之後,可以將自身產生的隨機私有位址和儲存的本地密鑰的值賦值給第三加密演算法,然後利用賦值後的第三加密演算法產生第四密文。透過將第四密文與掃描回應中的第二密文進行比對,可知掃描回應是否為攻擊者偽造的回應,若該掃描回應不是攻擊者偽造的,則可與發來掃描回應的外部藍牙設備建立連接,反之,則無需與發來該掃描回應的外部藍牙設備進行交互。下面以基於藍牙技術進行資料交互的藍牙設備「蜻蜓」和「鍵盤」為例,對本說明書實施例提供的藍牙設備連接方法進行說明,如圖3所示,具體可以包括以下步驟:步驟301:鍵盤產生附加碼,並在發現與蜻蜓之間的藍牙連接斷開後,利用預先與蜻蜓約定的第一加密演算法對本地密鑰和附加碼進行加密,得到第一密文,並發送基於第一密文產生的廣播訊息。具體地,鍵盤可與蜻蜓在藍牙連接未斷開之間約定,若藍牙連接斷開後由鍵盤主動發送廣播訊息,並約定產生廣播訊息的附加碼是由鍵盤方獨自產生還是由雙方按照相同的演算法週期性產生。由於附加碼是現場產生的,不是固定不變的碼,因此,可以使得斷開藍牙連接後的廣播訊息也不是固定不變的訊息,從而可以增加攻擊者竊取藍牙設備資料的難度。步驟302:蜻蜓監聽到廣播訊息後,獲取附加碼,利用預先與鍵盤約定的第一加密演算法、本地密鑰和附加碼對廣播訊息中的第一密文進行驗證。若廣播訊息有效,則利用與鍵盤約定的第二加密演算法、本地密鑰和固定位址產生隨機私有位址,然後將攜帶隨機私有位址的掃描請求發送給鍵盤。具體地,蜻蜓監聽到廣播訊息後可以基於預先約定的附加碼的獲取方法獲取對應的附加碼,比如,約定的附加碼獲取方式為廣播訊息中攜帶明文形式的附加碼,那麼蜻蜓從廣播訊息中讀取附加碼即可。或者,約定的附加碼獲取方式為雙方共同按照附加碼演算法週期性產生附加碼,那麼此時,蜻蜓可利用當前週期產生的附加碼對廣播訊息進行驗證。當蜻蜓驗證廣播訊息有效時,即利用附加碼和與鍵盤約定的本地密鑰利用第一加密演算法進行加密後,得到的第三密文與廣播訊息中的相同,即確定廣播訊息有效。然後再利用與鍵盤約定的第二加密演算法對本地密鑰、固定位址和附加碼產生隨機私有位址,並攜帶在掃描請求中發送給鍵盤。步驟303:鍵盤利用與蜻蜓約定的第二解密演算法和本地密鑰對掃描請求中的隨機私有位址進行解密,若得到的固定位址與儲存的固定位址相同,則利用與蜻蜓約定的第三加密演算法、本地密鑰和隨機私有位址產生第三密文,進而產生掃描回應,並透過隨機私有位址發送給蜻蜓。具體地,鍵盤在接收到掃描請求後,需要對掃描請求中的隨機私有位址進行驗證,即,利用與蜻蜓約定的第二解密演算法和自身產生的附加碼對隨機私有位址進行解密,若得到的固定位址與預先約定的固定位址相同,則表徵隨機私有位址是蜻蜓產生的位址,因此,可利用第三加密演算法對隨機私有位址和本地密鑰進行加密,得到掃描回應,併發送給蜻蜓。步驟304:蜻蜓對隨機私有位址進行監聽,在接收到掃描回應之後,利用與鍵盤約定的第三加密演算法、本地密鑰和自身產生的隨機私有位址產生第四密文,將第四密文與掃描回應中的第二密文進行比對,在確定兩者相同時,向鍵盤發送連接請求。具體地,蜻蜓在接收到掃描回應後,還需要對掃描回應進行驗證,即,利用第三加密演算法對自身儲存的本地密鑰和自身產生的隨機私有位址進行加密,若得到的第四密文與掃描回應中的第二密文相同,則表徵掃描回應是鍵盤發來的回應,因此,可與其建立藍牙連接。步驟305:鍵盤接收到連接請求後,與蜻蜓建立藍牙連接。綜上可見,由於附加碼是動態產生的,建立藍牙連接的藍牙設備之間約定第一加密演算法、第二加密演算法、第二解密演算法、第三加密演算法、本地密鑰以及固定位址,因此,在攻擊者未獲取到上述約定的內容後,攻擊者無法偽造正確的廣播訊息、隨機私有位址、掃描請求和掃描回應,因此,可以有效地防止攻擊者利用截獲的資訊仿冒藍牙設備與其他設備建立連接,從而可以提高藍牙設備之間連接過程的安全性。需要說明的是,廣播訊息包括基於藍牙協定的ADV_IND,掃描請求包括基於藍牙協定的SCAN_REQ,掃描回應包括基於藍牙協定的SCAN_RSP。上述任一實施例中的第一加密演算法和第三加密演算法包括:雜湊演算法、進階加密標準(AES)演算法、MD5演算法、訊息認證碼(MAC)演算法、循環冗餘檢測碼(CRC)演算法中的任一種,但不限於此。本說明書一個實施例提供了藍牙設備,如圖4所示,該藍牙設備可以發起重建藍牙連接,該藍牙設備400包括:附加碼產生模組41,配置為產生附加碼;訊息產生模組42,配置為當檢測到藍牙連接斷開後,對附加碼產生模組41產生的附加碼加密,產生第一密文;根據第一密文產生基於藍牙協定的廣播訊息,並發送廣播訊息;請求處理模組43,配置為接收外部藍牙設備發來的掃描請求;根據掃描請求中攜帶的隨機私有位址,將基於藍牙協定的掃描回應發送給外部藍牙設備,其中,隨機私有位址為外部藍牙設備針對掃描請求產生的位址;當接收到外部藍牙設備發來的連接請求時,與外部藍牙設備建立藍牙連接。在本說明書另一個實施例中,附加碼產生模組41,配置為產生亂數,以得到附加碼;訊息產生模組42,進一步配置為在廣播訊息中攜帶明文形式的附加碼。在本說明書另一個實施例中,附加碼產生模組41,配置為利用預先設置的附加碼演算法週期性地產生附加碼,其中,附加碼演算法是與藍牙連接所連接的藍牙設備共同約定的演算法;訊息產生模組42,配置為對當前週期內產生的附加碼加密。在本說明書另一個實施例中,訊息產生模組42,配置為利用第一加密演算法對附加碼和儲存的本地密鑰進行加密,得到第一密文,其中,第一加密演算法為單向函數,本地密鑰是與藍牙連接所連接的藍牙設備共同約定的密鑰,第一加密演算法與藍牙連接所連接的藍牙設備共同約定的演算法。在本說明書另一個實施例中,請求處理模組43,配置為利用第二解密演算法,根據附加碼和儲存的本地密鑰對掃描請求中攜帶的隨機私有位址進行解密,得到固定位址;確定儲存的固定位址與解密得到的固定位址是否相同,其中,儲存的固定位址是與藍牙連接所連接的藍牙設備共同約定儲存的位址,本地密鑰是與藍牙連接所連接的藍牙設備共同約定的密鑰,第二解密演算法是與藍牙連接所連接的藍牙設備共同約定的演算法;如果相同,則執行將基於藍牙協定的掃描回應發送給外部藍牙設備。在本說明書另一個實施例中,請求處理模組43,配置為利用第三加密演算法對掃描請求中攜帶的隨機私有位址和儲存的本地密鑰進行加密,得到第二密文,其中,第二加密演算法為單向函數,本地密鑰是與藍牙連接所連接的藍牙設備共同約定的密鑰;利用第二密文產生基於藍牙協定的掃描回應;將掃描回應透過隨機私有位址發送給外部藍牙設備。本說明書又一個實施例中提供了藍牙設備,該藍牙設備未主動發起重建藍牙連接,如圖5所示,該藍牙設備500包括:連接檢測模組51,配置為檢測到藍牙連接斷開;附加碼獲取模組52,配置為當監聽到廣播訊息時,獲取附加碼;訊息驗證模組53,配置為利用附加碼獲取模組52獲取的附加碼驗證廣播訊息的有效性;連接處理模組54,配置為當訊息驗證模組53確定廣播訊息有效時,對附加碼進行加密,產生隨機私有位址;將隨機私有位址攜帶在基於藍牙協定的掃描請求中,發送給發來廣播訊息的外部藍牙設備;當接收到外部藍牙設備根據隨機私有位址發來的掃描回應時,根據隨機私有位址向外部藍牙設備發送連接請求,以透過連接請求與外部藍牙設備建立連接。在本說明書另一個實施例中,廣播訊息中攜帶有明文形式的附加碼;附加碼獲取模組52,配置為從廣播訊息中獲取附加碼。在本說明書另一個實施例中,附加碼獲取模組52,配置為利用預先設置的附加碼演算法週期性地產生附加碼,其中,附加碼演算法是與藍牙連接所連接的藍牙設備共同約定的演算法;獲取在當前週期內產生的附加碼。在本說明書另一個實施例中,訊息驗證模組53,配置為利用第一加密演算法對獲取的附加碼和儲存的本地密鑰進行加密,得到第三密文,其中,第一加密演算法為單向函數,本地密鑰是與藍牙連接所連接的藍牙設備共同約定的密鑰;確定第三密文是否與廣播訊息中的第一密文相同;若相同,則確定廣播訊息有效。在本說明書另一個實施例中,連接處理模組54,配置為利用第二加密演算法對附加碼、儲存的固定位址和儲存的本地密鑰進行加密,得到隨機私有位址,其中,固定位址是與藍牙連接所連接的藍牙設備共同約定儲存的位址,本地密鑰是與藍牙連接所連接的藍牙設備共同約定的密鑰,第二加密演算法是與藍牙連接所連接的藍牙設備共同約定的演算法。在本說明書另一個實施例中,連接處理模組54,配置為利用第三加密演算法對隨機私有位址和本地密鑰進行加密,得到第四密文;確定第四密文是否與掃描回應中的第二密文相同;若相同,則執行根據隨機私有位址向外部藍牙設備發送連接請求,其中,本地密鑰是與藍牙連接所連接的藍牙設備共同約定的密鑰,第三加密演算法與藍牙連接所連接的藍牙設備共同約定的演算法。可以理解的是,本說明書實施例示意的結構並不構成對藍牙設備的具體限定。在說明書的另一些實施例中,藍牙設備可以包括比圖示更多或者更少的部件,或者組合某些部件,或者拆分某些部件,或者不同的部件佈置。圖示的部件可以以硬體、軟體或者軟體和硬體的組合來實現。上述裝置內的各單元之間的資訊交互、執行過程等內容,由於與本說明書方法實施例基於同一構思,具體內容可參見本說明書方法實施例中的敘述,此處不再贅述。本說明書還提供了一種電腦可讀取儲存媒體,其上儲存有電腦程式,當該電腦程式在電腦中執行時,執行如本說明書中任一個實施例中的方法。本說明書一個實施例還提供了一種計算設備,包括儲存器和處理器,該儲存器中儲存有可執行碼,處理器執行可執行碼時,實現上述任一實施例中的方法。本領域技術人員應該可以意識到,在上述一個或多個示例中,本發明所描述的功能可以用硬體、軟體、韌體或它們的任意組合來實現。當使用軟體實現時,可以將這些功能儲存在電腦可讀取媒體中或者作為電腦可讀取媒體上的一個或多個指令或碼進行傳輸。以上所述的具體實施方式,對本發明的目的、技術方案和有益效果進行了進一步詳細說明,所應理解的是,以上所述僅為本發明的具體實施方式而已,並不用於限定本發明的保護範圍,凡在本發明的技術方案的基礎之上,所做的任何修改、等同替換、改進等,均應包括在本發明的保護範圍之內。As mentioned earlier, a Bluetooth device is a device that communicates based on Bluetooth technology. At present, various Bluetooth devices usually send their own fixed Bluetooth addresses when interacting with data, or return fixed attribute information used to represent their own attributes when scanning. When the information sent by the Bluetooth device is intercepted and obtained by the attacker, the attacker may establish a connection with the device to be connected by the Bluetooth device based on the intercepted information, so as to pretend to be the Bluetooth device to obtain the communication data between the two devices. Or the attacker uses the intercepted information elsewhere, which leads to the leakage of Bluetooth device information and reduces the security of the Bluetooth device connection process. In addition, if the attacker occupies the connection between the Bluetooth device and the device to be connected for a long time, the Bluetooth device cannot establish a connection with the device to be connected, thereby affecting the communication of the Bluetooth device. To this end, according to the embodiments of the present specification, a dynamic additional code is generally used to enable authentication between Bluetooth devices that communicate based on the Bluetooth technology. Since the add-on code is not fixed, when the Bluetooth device is disconnected from the Bluetooth connection, the dynamic add-on code is used to connect to the device to be connected, which can prevent attackers from using the fixed authentication information to impersonate the Bluetooth device and other devices. The Bluetooth device establishes a connection, therefore, the security of the Bluetooth device connection process can be improved, and the connection between the Bluetooth devices is made more reliable. Through the above description, the existing connection method between Bluetooth devices has low security. In response to this, an embodiment of this specification provides a Bluetooth device connection method, which is applied to an initiator Bluetooth device, where the initiator Bluetooth device is a device that actively initiates the re-establishment of Bluetooth by actively sending a broadcast message after disconnecting the Bluetooth connection. The connected Bluetooth device, as shown in Figure 1, may specifically include the following steps: Step 101: Generate an additional code; Step 102: After detecting that the Bluetooth connection is disconnected, encrypt the additional code to generate a first ciphertext; Step 103 : Generate a broadcast message based on the Bluetooth protocol according to the first ciphertext, and send the broadcast message; Step 104: Receive a scan request sent by an external Bluetooth device; Step 105: According to the random private address carried in the scan request, The scan response of the Bluetooth protocol is sent to the external Bluetooth device, wherein the random private address is the address generated by the external Bluetooth device for the scan request; Step 106: When receiving the connection request sent by the external Bluetooth device, communicate with the external Bluetooth device. The Bluetooth device establishes a Bluetooth connection. In this embodiment, if it is detected that the Bluetooth connection is disconnected, a broadcast message based on the Bluetooth protocol can be generated based on the additional code generated on site, and the broadcast message can be broadcast. In order to monitor the broadcast message, the external bluetooth device can return a random private address carrying the scan request, and use the private address to establish a bluetooth connection with the external bluetooth device that sent the scan request. Since the additional code is not a fixed value, but is generated on the spot, the broadcast message is also not a fixed message. And the random private address sent by the external bluetooth device is also the address for the scan request. Therefore, the random private address communicated with the external bluetooth device that sends the scan request is not fixed. Therefore, it can effectively prevent After the Bluetooth device information is stolen, establishing a connection with other Bluetooth devices results in leakage of information transmitted between the Bluetooth devices, thereby improving the security of the Bluetooth device connection process. It can be understood that, before the Bluetooth connection is not disconnected, the Bluetooth devices connected through the Bluetooth connection may pre-determine which party will actively send the broadcast message after the Bluetooth connection is disconnected. In order to improve the security of Bluetooth device connection, for the Bluetooth device that sends broadcast messages, the embodiments of this specification provide two ways to obtain additional codes. Both the sender and the receiver generate the additional code simultaneously according to the agreed method; for the first method: take the random number generated randomly as the additional code, and carry the additional code in plaintext in the broadcast message. Since the additional code is randomly generated and cannot be predicted in advance, it can increase the difficulty of forging broadcast messages. The additional code in plaintext is then carried in the broadcast message, so that the external Bluetooth device that monitors the broadcast message can verify the first ciphertext in the broadcast message based on the additional code in plaintext to determine whether the first ciphertext is It is the forged ciphertext, so as to judge the validity of the monitored broadcast message, so as to improve the security of the connection process between the Bluetooth devices. For method 2: before the Bluetooth connection is disconnected, the additional code algorithm is pre-agreed with the Bluetooth device connected to the Bluetooth connection, and the additional code algorithm is used to generate the additional code according to the specified period, for example, according to the period of 30 minutes (min ), 120min or 500min. Since the additional code algorithm is agreed with the connected Bluetooth device, the same additional code can be generated between the two devices at the same time point. In this way, when the Bluetooth device monitors the broadcast message, it can use its own The generated additional code verifies the broadcast message, and determines whether the first ciphertext in the broadcast message is the same as the ciphertext obtained by using the additional code generated by itself, so as to determine whether the broadcast message is a message sent by an attacker, so as to improve the Bluetooth device performance. The security of the connection process between them. In order to further increase the difficulty for the attacker to forge the broadcast message, in another embodiment, before the Bluetooth connection is not disconnected, a common local key can be agreed with the Bluetooth device connected to the Bluetooth connection and used to generate the first The first encryption algorithm F1 (x1 , y1 ) of the ciphertext is stored separately, wherein x1 represents the first variable of the first encryption algorithm, and y1 represents the second variable of the first encryption algorithm . In order to further improve the forgery difficulty of broadcast messages and filter out attackers by verifying the broadcast messages, the first encryption algorithm may be a one-way function. Based on this, the first ciphertext can be encrypted by using the first encryption algorithm based on the additional code and the local key to obtain the first ciphertext. However, based on the first ciphertext and the additional code, the first encryption algorithm cannot be used to reversely obtain the local key; similarly, based on the first ciphertext and the local key, it is still impossible to use the first encryption algorithm to reversely obtain the additional key. code. In this way, it can be ensured that the first ciphertext can be obtained only after the additional code, the first encryption algorithm and the local key are obtained at the same time to generate the broadcast message. And since the additional code is a dynamic code, it can prevent an attacker from establishing a connection with the Bluetooth device for a long time. Specifically, the first ciphertext can be obtained in the following manner: if the value of the additional code is assigned to the first variable x1 of the first encryption algorithm F1 (x1 , y1 ), then the value of the local key is assigned The second variable y1 of the first encryption algorithm F1 (x1 , y1 ) is assigned; if the value of the additional code is assigned to the second variable y1 , the value of the local key is assigned to the first variable x1 . Then use the assigned first encryption algorithm to generate the first ciphertext. In order to prevent the attacker from imitating the Bluetooth device connected before the Bluetooth connection is disconnected, in another embodiment, before the Bluetooth connection is not disconnected, the Bluetooth device to which the Bluetooth connection is connected first agrees with the Bluetooth device for generating a random private address. The second encryption algorithm F2e (x2e , y2e , z2 e ), the second decryption algorithm F2d (x2d , y2d , z2d ) for verifying the random private address, the local key and the Fixed address of the Bluetooth device, where x2d represents the first variable of the second decryption algorithm, y2d represents the second variable of the second decryption algorithm, z2d represents the third variable of the second decryption algorithm, and x2e The first variable representing the second encryption algorithm, y2e representing the second variable of the second encryption algorithm, and z2 e representing the third variable of the second encryption algorithm. In this way, after receiving the scan request from the external Bluetooth device, the stored second decryption algorithm is used to decrypt the random private address carried in the scan request according to the additional code and the local key, and the decrypted fixed address is obtained. . By comparing the stored fixed address and the decrypted fixed address to determine whether the two are the same, if they are the same, it can be determined that the random private address carried in the scan request is not forged, that is, the random private address is Trustworthy, therefore, the random private address can be used to communicate with the Bluetooth device that sent the random private address. Because the attacker does not obtain the local key, the fixed address, the additional code and the second encryption algorithm for generating the private random address, the correct random private address cannot be generated. In this way, when the wrong random private address carried in the scan request sent by the attacker is decrypted, the wrong address will be obtained. By comparing with the stored fixed address, attacks that counterfeit the Bluetooth device can be filtered out. , making the attacker's attack fail. In order to further increase the difficulty for an attacker to obtain the information of the Bluetooth device, in another embodiment, before the Bluetooth connection is disconnected, a protocol for encrypting the random private address can be jointly agreed with the Bluetooth device connected to the Bluetooth connection. The third encryption algorithm F3 (x3 , y3 ) and the local key. In this way, after receiving the scan request, if the value of the random private address is assigned to the first variable of the third encryption algorithm F3 (x3 , y3 ), then the local password is assigned to the third encryption algorithm F The second variable of3 (x3 , y3 ), on the contrary, assign the local password to the first variable of F3 (x3 , y3 ). Then use the assigned third encryption algorithm to generate the second ciphertext. In order to ensure the security of the second ciphertext, the third encryption algorithm is a one-way function. Based on this, the attacker needs to obtain the third encryption algorithm and the local key to calculate the real second ciphertext. In this way, the attacker who counterfeit the Bluetooth device can be filtered out, so that the attacker fails to attack, thus Improve the security of the Bluetooth device connection process. An embodiment of this specification provides a Bluetooth device connection method, which is applied to a receiver Bluetooth device. The receiver Bluetooth device is such a device that after disconnecting the Bluetooth connection, the Bluetooth connection is not actively initiated, and the reconstruction is performed by listening to broadcast messages. The Bluetooth device connected by Bluetooth, as shown in FIG. 2, may specifically include the following steps: Step 201: Detecting that the Bluetooth connection is disconnected; Step 202: Obtaining an additional code when monitoring the broadcast message; Step 203: Using the obtained additional code Verify the validity of the broadcast message; Step 204: When it is determined that the broadcast message is valid, encrypt the additional code to generate a random private address; Step 205: Carry the random private address in the scan request based on the Bluetooth protocol, and send it to the sender The external bluetooth device to broadcast the message; Step 206: when receiving the scan response sent by the external bluetooth device according to the random private address, send a connection request to the external bluetooth device according to the random private address, so as to communicate with the external bluetooth device through the connection request establish connection. In this embodiment, if it is detected that the Bluetooth connection is disconnected, an additional code can be obtained based on the monitored broadcast message, and then the monitored broadcast message can be verified to determine whether the broadcast message is forged by the attacker; when After confirming that the broadcast message is not forged by the attacker, it can be encrypted with an additional code, and then the generated random private address is carried in the scan request and sent to the external Bluetooth device that sent the broadcast message. Since the random private address is an address generated based on a dynamic additional code, the random private address generated based on the additional code is also not a fixed address. In this way, the external Bluetooth device that sends the broadcast message uses a random private address to establish a connection, which can effectively prevent the Bluetooth device information from being stolen and establish a connection with other Bluetooth devices. Security of the connection process. It can be understood that, before the Bluetooth connection is not disconnected, the Bluetooth devices connected through the Bluetooth connection may pre-determine which party will actively send the broadcast message after the Bluetooth connection is disconnected. In order to improve the security of the Bluetooth device connection process, for the Bluetooth device that has monitored the broadcast message, the embodiments of this specification provide two ways to obtain the additional code; The additional code can be obtained from the broadcast message, and the validity of the broadcast message can be verified by using the additional code without generating the additional code by itself, thereby reducing the processing operation of the Bluetooth device receiving the broadcast message. Manner 2: Before the Bluetooth connection is disconnected, an additional code algorithm for generating the additional code and a cycle for generating the additional code are jointly agreed with the Bluetooth device connected to the Bluetooth connection. In this way, the mutually agreed upon Bluetooth devices can generate the same additional code by using the additional code algorithm according to the agreed period. For example, an additional code is generated every 180 minutes. In this way, the jointly agreed Bluetooth device that actively sends the broadcast message uses the additional code to generate and broadcast the broadcast message. The mutually agreed receiver Bluetooth device can use the additional code generated by itself in the period in which the broadcast message is monitored to verify the monitored broadcast message. If the broadcast message is a message generated by using an additional code obtained by a commonly agreed algorithm, then it can be verified that the broadcast message is valid; otherwise, it can be determined that the broadcast message is forged by the attacker. In order to further increase the difficulty of the attacker forging broadcast messages, in another embodiment of this specification, before the Bluetooth connection is not disconnected, a local key can be jointly agreed with the Bluetooth device connected to the Bluetooth connection to generate a local key. The first encryption algorithm F1 (x1 , y1 ) of the first ciphertext is stored separately, wherein x1 represents the first variable of the first encryption algorithm, and y1 represents the first variable of the first encryption algorithm. Two variables. In order to further improve the forgery difficulty of broadcast messages and filter out attackers by verifying the broadcast messages, the first encryption algorithm may be a one-way function. Based on this, the attacker needs to calculate the correct first ciphertext after obtaining the local key and the first encryption algorithm, and then generate the broadcast message. Otherwise, the attacker cannot generate the correct broadcast message. In addition, since the additional code is a dynamic code and is generated on-site, the attacker will not establish a long-term connection with the Bluetooth device connected to the Bluetooth connection for a long time after obtaining the additional code. The difficulty of the device is to achieve the purpose of improving the security of the Bluetooth device. Therefore, after monitoring the broadcast message, if the value of the acquired additional code is assigned to the first variable x1 of the first encryption algorithm, the value of the stored local key is assigned to the first encryption algorithm F1 ( x1 , y1 ) second variable y1 ; if the acquired value of the additional code is assigned to the second variable y1 , the local key is assigned to the first variable x1 . Then, a third ciphertext can be generated by using the assigned first encryption algorithm. By comparing the third ciphertext with the first ciphertext in the broadcast message, if the two are the same, it can be determined that the broadcast message is not forged and the broadcast message is not forged. The message is valid and, therefore, can further interact with the Bluetooth device that sent the broadcast message. If the two are different, it can be determined that the broadcast message is forged, so there is no need for further interaction with the Bluetooth device that sent the broadcast message. Specifically, the stored local key may be the key agreed upon between the Bluetooth devices when the Bluetooth connection is established for the first time, or may be the key agreed upon again between the Bluetooth devices after the nth Bluetooth connection is established, where n Greater than 1. In order to prevent attackers from forging random private addresses, in another embodiment of this specification, before the Bluetooth connection is not disconnected, a common local key, fixed address, a second encryption algorithm F2e (x2e , y2e ) for generating random private addresses and a second decryption algorithm F2d (x2d , y2d , z2d ) for verifying random private addresses, where , x2d represents the first variable of the second decryption algorithm, y2d represents the second variable of the second decryption algorithm, z2d represents the third variable of the second decryption algorithm, and x2e represents the second variable of the second encryption algorithm A variable, y2e represents the second variable of the second encryption algorithm, and z2 e represents the third variable of the second encryption algorithm. When it is determined that the monitored broadcast message is valid, a random private address can be generated first. The method of generating the random private address includes: assigning the value of the additional code, the value of the local key and the value of the fixed address to the variable of the second encryption algorithm, and then using the assigned second encryption algorithm to generate the random private bit site. If the attacker pretends to be a Bluetooth device monitoring broadcast messages, the attacker cannot generate a correct random private address without obtaining the local key, fixed address and second encryption algorithm. Therefore, when the external Bluetooth device receives After the scan request verifies the random private address, it can be found whether the scan request is a request sent by an attacker. In order to prevent the attacker from forging the scan response, in another embodiment of this specification, before the Bluetooth connection is not disconnected, a common local key can be agreed with the Bluetooth device connected to the Bluetooth connection and used to verify the scan response The third encryption algorithm F3 (x3 , y3 ), wherein, x3 represents the first variable of the third encryption algorithm, and y3 represents the second variable of the third encryption algorithm. After receiving the scan response, the value of the self-generated random private address and the stored local key may be assigned to the third encryption algorithm, and then the assigned third encryption algorithm may be used to generate the fourth ciphertext. By comparing the fourth ciphertext with the second ciphertext in the scan response, we can know whether the scan response is a forged response by the attacker. If the scan response is not forged by the attacker, it can be compared with the external Bluetooth The device establishes a connection, otherwise, there is no need to interact with the external Bluetooth device that sent the scan response. Taking the Bluetooth devices "Dragonfly" and "Keyboard" for data interaction based on Bluetooth technology as examples, the connection method of the Bluetooth devices provided by the embodiments of this specification is described below, as shown in Figure 3, which may specifically include the following steps: Step 301: Keyboard Generate an additional code, and after finding that the Bluetooth connection with Dragonfly is disconnected, use the first encryption algorithm agreed with Dragonfly to encrypt the local key and additional code to obtain the first ciphertext, and send the first ciphertext based on the first encryption algorithm. The broadcast message generated by the ciphertext. Specifically, the keyboard and Dragonfly can make an agreement when the Bluetooth connection is not disconnected. If the Bluetooth connection is disconnected, the keyboard will actively send a broadcast message, and it is agreed that the additional code for generating the broadcast message should be generated by the keyboard side alone or by both parties according to the same Algorithms are generated periodically. Since the additional code is generated on the spot and is not a fixed code, the broadcast message after the Bluetooth connection is disconnected is also not a fixed message, which increases the difficulty for an attacker to steal the data of the Bluetooth device. Step 302 : After listening to the broadcast message, Dragonfly obtains the additional code, and verifies the first ciphertext in the broadcast message by using the first encryption algorithm, the local key and the additional code pre-agreed with the keyboard. If the broadcast message is valid, use the second encryption algorithm, local key and fixed address agreed with the keyboard to generate a random private address, and then send a scan request carrying the random private address to the keyboard. Specifically, after monitoring the broadcast message, Dragonfly can obtain the corresponding additional code based on the pre-agreed method for obtaining the additional code. Just read the additional code. Alternatively, the agreed method of acquiring the additional code is that both parties jointly generate the additional code periodically according to the additional code algorithm, then at this time, Dragonfly can use the additional code generated in the current period to verify the broadcast message. When Dragonfly verifies that the broadcast message is valid, that is, after using the additional code and the local key agreed with the keyboard to encrypt with the first encryption algorithm, the third ciphertext obtained is the same as that in the broadcast message, that is, the broadcast message is determined to be valid. Then use the second encryption algorithm agreed with the keyboard to generate a random private address for the local key, fixed address and additional code, and carry it in the scan request and send it to the keyboard. Step 303: The keyboard uses the second decryption algorithm and the local key agreed with Dragonfly to decrypt the random private address in the scan request. The third encryption algorithm, the local key and the random private address generate the third ciphertext, and then generate the scan response and send it to Dragonfly through the random private address. Specifically, after receiving the scan request, the keyboard needs to verify the random private address in the scan request, that is, use the second decryption algorithm agreed with Dragonfly and the additional code generated by itself to decrypt the random private address, If the obtained fixed address is the same as the pre-agreed fixed address, it indicates that the random private address is the address generated by Dragonfly. Therefore, the third encryption algorithm can be used to encrypt the random private address and the local key to obtain Scan the response and send it to Dragonfly. Step 304: Dragonfly monitors the random private address, and after receiving the scan response, uses the third encryption algorithm agreed with the keyboard, the local key and the random private address generated by itself to generate a fourth ciphertext, The ciphertext is compared with the second ciphertext in the scan response, and when it is determined that the two are the same, a connection request is sent to the keyboard. Specifically, after receiving the scan response, Dragonfly needs to verify the scan response, that is, use the third encryption algorithm to encrypt the local key stored by itself and the random private address generated by itself. If the cipher text is the same as the second cipher text in the scan response, it means that the scan response is a response sent by the keyboard, so a Bluetooth connection can be established with it. Step 305: After receiving the connection request, the keyboard establishes a Bluetooth connection with Dragonfly. To sum up, since the additional code is dynamically generated, the first encryption algorithm, the second encryption algorithm, the second decryption algorithm, the third encryption algorithm, the local key and the fixed encryption algorithm are agreed between the Bluetooth devices establishing the Bluetooth connection. Therefore, after the attacker does not obtain the above agreed content, the attacker cannot forge the correct broadcast message, random private address, scan request and scan response. Therefore, it can effectively prevent the attacker from using the intercepted information to counterfeit The Bluetooth device establishes a connection with other devices, so that the security of the connection process between the Bluetooth devices can be improved. It should be noted that the broadcast message includes ADV_IND based on the Bluetooth protocol, the scan request includes SCAN_REQ based on the Bluetooth protocol, and the scan response includes SCAN_RSP based on the Bluetooth protocol. The first encryption algorithm and the third encryption algorithm in any of the above embodiments include: hash algorithm, advanced encryption standard (AES) algorithm, MD5 algorithm, message authentication code (MAC) algorithm, cyclic redundancy Any of, but not limited to, Check Code (CRC) algorithms. An embodiment of this specification provides a Bluetooth device. As shown in FIG. 4 , the Bluetooth device can initiate the reestablishment of a Bluetooth connection. TheBluetooth device 400 includes: an additionalcode generation module 41, configured to generate an additional code; amessage generation module 42, It is configured to encrypt the additional code generated by the additionalcode generation module 41 after detecting that the Bluetooth connection is disconnected to generate a first ciphertext; generate a broadcast message based on the Bluetooth protocol according to the first ciphertext, and send the broadcast message; request processing Themodule 43 is configured to receive the scan request sent by the external Bluetooth device; according to the random private address carried in the scan request, send the scan response based on the Bluetooth protocol to the external Bluetooth device, wherein the random private address is the external Bluetooth device Address generated for the scan request; when receiving a connection request from an external Bluetooth device, establish a Bluetooth connection with the external Bluetooth device. In another embodiment of this specification, the additionalcode generation module 41 is configured to generate random numbers to obtain the additional code; themessage generation module 42 is further configured to carry the additional code in plaintext in the broadcast message. In another embodiment of this specification, the additionalcode generation module 41 is configured to periodically generate additional codes by using a preset additional code algorithm, wherein the additional code algorithm is a common agreement with the Bluetooth device connected to the Bluetooth connection the algorithm; themessage generating module 42 is configured to encrypt the additional code generated in the current cycle. In another embodiment of this specification, themessage generating module 42 is configured to encrypt the additional code and the stored local key by using a first encryption algorithm to obtain a first ciphertext, wherein the first encryption algorithm is a single Direction function, the local key is a key agreed with the Bluetooth device connected to the Bluetooth connection, and the first encryption algorithm is an algorithm agreed upon with the Bluetooth device connected to the Bluetooth connection. In another embodiment of this specification, therequest processing module 43 is configured to use the second decryption algorithm to decrypt the random private address carried in the scan request according to the additional code and the stored local key to obtain a fixed address ; Determine whether the stored fixed address is the same as the decrypted fixed address, wherein the stored fixed address is the address jointly agreed to store with the bluetooth device connected to the bluetooth connection, and the local key is the one connected to the bluetooth connection. The key agreed upon by the bluetooth devices, and the second decryption algorithm is an algorithm jointly agreed upon with the bluetooth devices connected to the bluetooth connection; if they are the same, the scanning response based on the bluetooth protocol is sent to the external bluetooth device. In another embodiment of this specification, therequest processing module 43 is configured to use a third encryption algorithm to encrypt the random private address and the stored local key carried in the scan request to obtain the second ciphertext, wherein, The second encryption algorithm is a one-way function, and the local key is a key agreed with the Bluetooth device connected to the Bluetooth connection; the second ciphertext is used to generate a scan response based on the Bluetooth protocol; the scan response is sent through a random private address to external bluetooth devices. Another embodiment of this specification provides a Bluetooth device that does not actively initiate the re-establishment of a Bluetooth connection. As shown in FIG. 5 , theBluetooth device 500 includes: aconnection detection module 51 configured to detect that the Bluetooth connection is disconnected; additional Thecode acquisition module 52 is configured to acquire the additional code when monitoring the broadcast message; themessage verification module 53 is configured to verify the validity of the broadcast message using the additional code obtained by the additionalcode acquisition module 52; theconnection processing module 54 , configured to encrypt the additional code when themessage verification module 53 determines that the broadcast message is valid to generate a random private address; carry the random private address in the scan request based on the Bluetooth protocol, and send it to the external party that sent the broadcast message Bluetooth device; when receiving the scan response from the external Bluetooth device according to the random private address, send a connection request to the external Bluetooth device according to the random private address, so as to establish a connection with the external Bluetooth device through the connection request. In another embodiment of this specification, the broadcast message carries the additional code in plain text; the additionalcode obtaining module 52 is configured to obtain the additional code from the broadcast message. In another embodiment of this specification, the additionalcode obtaining module 52 is configured to periodically generate additional codes by using a preset additional code algorithm, wherein the additional code algorithm is a common agreement with the Bluetooth device connected to the Bluetooth connection Algorithm for ; get additional codes generated in the current cycle. In another embodiment of this specification, themessage verification module 53 is configured to encrypt the acquired additional code and the stored local key by using a first encryption algorithm to obtain a third ciphertext, wherein the first encryption algorithm It is a one-way function, the local key is a key agreed with the Bluetooth device connected to the Bluetooth connection; it is determined whether the third ciphertext is the same as the first ciphertext in the broadcast message; if they are the same, the broadcast message is determined to be valid. In another embodiment of this specification, theconnection processing module 54 is configured to use the second encryption algorithm to encrypt the additional code, the stored fixed address and the stored local key to obtain a random private address, wherein the fixed address is The address is the address jointly agreed to store with the Bluetooth device connected to the Bluetooth connection, the local key is the key agreed with the Bluetooth device connected to the Bluetooth connection, and the second encryption algorithm is the Bluetooth device connected to the Bluetooth connection. Commonly agreed algorithm. In another embodiment of this specification, theconnection processing module 54 is configured to use a third encryption algorithm to encrypt the random private address and the local key to obtain a fourth ciphertext; determine whether the fourth ciphertext corresponds to the scan response The second ciphertext in is the same; if it is the same, execute a connection request to an external Bluetooth device according to a random private address, where the local key is a key agreed upon with the Bluetooth device connected to the Bluetooth connection, and the third encryption algorithm The algorithm agreed with the Bluetooth device connected to the Bluetooth connection. It can be understood that the structures illustrated in the embodiments of this specification do not constitute a specific limitation on the Bluetooth device. In other embodiments of the specification, the Bluetooth device may include more or less components than shown, or combine some components, or separate some components, or different component arrangements. The illustrated components may be implemented in hardware, software, or a combination of software and hardware. The information interaction and execution process among the units in the above apparatus are based on the same concept as the method embodiments in this specification, and the specific content can be found in the descriptions in the method embodiments in this specification, which will not be repeated here. The present specification also provides a computer-readable storage medium on which a computer program is stored. When the computer program is executed in the computer, the method as described in any one of the embodiments of the present specification is executed. An embodiment of the present specification further provides a computing device, including a storage and a processor, where executable code is stored in the storage, and when the processor executes the executable code, the method in any of the foregoing embodiments is implemented. Those skilled in the art should realize that, in one or more of the above examples, the functions described in the present invention may be implemented by hardware, software, firmware or any combination thereof. When implemented in software, the functions may be stored on or transmitted over as one or more instructions or code on a computer-readable medium. The specific embodiments described above further describe the objectives, technical solutions and beneficial effects of the present invention in detail. It should be understood that the above descriptions are only specific embodiments of the present invention, and are not intended to limit the scope of the present invention. Any modification, equivalent replacement, improvement, etc. made on the basis of the technical solution of the present invention shall be included within the protection scope of the present invention.
